generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Prevent use of binary curves when OPENSSL_NO_EC2M is defined

Browse Source 
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2014-11-17 19:39:32 +00:00 committed by Matt Caswell
parent d253c9cd30
commit 1a14b47ed9
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/t1_lib.c
View File

@ -435,6 +435,10 @@ static int tls_curve_allowed(SSL *s, const unsigned char *curve, int op)
sizeof(nid_list)/sizeof(nid_list[0]))) sizeof(nid_list)/sizeof(nid_list[0])))
return 0; return 0;
cinfo = &nid_list[curve[1]-1]; cinfo = &nid_list[curve[1]-1];
#ifdef OPENSSL_NO_EC2M
if (cinfo->flags & TLS_CURVE_CHAR2)
return 0;
#endif
return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)curve); return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)curve);
} }